We are constantly updating our YouTube Channel with How-To videos for
our customers with Paraben's E3 Software. Check them out and
subscribe!
https://www.youtube.com/user/ParabenForensics
[https://www.youtube.com/user/ParabenForensics]

E3 provides several engines for detect malware or suspicious files.
The first one can scan any added evidence. This is malware scan from
content analysis. However, it searches for malware in Windows PE
files. For example it will find unsigned files or m...

There are two options to get access to cloud data:
* Using user credentials if we know them.
* Using authentication data file. This files is being generated for
Android devices during logical acquisition and during import of
encrypted iOS backup for...

TO PREPARE AN ADVANCED ANDROID LG DEVICE FOR ACQUISITION:
1. Put the device into Firmware Update mode.
2. Make sure that the required drivers are installed (the required
drivers are included in the Electronic Evidence Examiner Driver Pack).
3. Open Device...

IMPORTANT:
With the forensic process, it is important to note that, with embedded
systems such as smart devices, some data must be written to the device
in order to communicate with it. Depending on the type of device, the
data that is written will chan...

There are advanced, keyword search and sorted files search.
Advanced search is a common search engine with powerful customization.
It helps to customize a lot of options to get the most accurate
results. For example user can search for HEX or text, use ...

Paraben's Device Seizure will work on a machine that has iTunes
installed. However, it does need to have the proper DLLs available to
be able to function properly. This allows all of your forensic tools
to be able to function and run on a single system.
...

Forensic container is specially designed secure database. Data in
forensic containers is encrypted and locked by password. Only E3 and
Evidence Reviewed can provide access to data in the database. DP2C and
FF sticks collects data to forensic containers. A...

Smartphones are the same PCs in a small body. This means that they
have their own OS. Each OS has some version and build number. Each new
version vendors provide some new functions, patches, API changes and
so on. Therefore, we can get different errors on...

iOS is one of the most highly protected file system. Most of iOS
devices file system is not available for users or through Apple API.
It is a big problem for forensics as we also can’t get all data from
a device. However, some users wants to have full acc...

During logical acquisition we get logical structure and its related
data, in other words we copy all available files from the file system
to a case. Logical acquisition has some limitations related to a
device restrictions. Usually, we can’t get all files...

Rooting is a process of getting root permissions for an Android
device. After that we can get access to all file system data using
Android SDK functions. Android must be loaded, and USB-debugging must
be enabled and device unlocked. In case with bootloade...

Usually, we get data in its raw format as dumps or databases. So it is
not really easy and not comfortable for users to work with such data.
For example they need to know where a system stores useful data. It is
a big problem to find it within all system ...